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DETAILED ACTION 

1 . Claims 1 -29 have been examined. 

Claim Rejections - 35 (JSC § 102 

2. The following is a quotation of the appropriate paragraphs of 35 U.S. C. 1 02 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

3. Claims 1-29 are rejected under 35 U.S.C. 102(b) as being anticipated by Jancula US 
2002/0023208 A1. 

4. As per claim 1 , Jancula teaches a computer-implemented method for enhancing the 
security of communication over a network, the method comprising: 

receiving a set of authentication credentials from a user [paragraphs 0056-0057 and 
0069-0071]; 

receiving from the user a request that requires communication over the network with a 
remote system [paragraphs 0056-0057 and 0070-0073]; 

applying a collection of security privileges to the set of authentication credentials to 
determine if the user is authorized to carry out the request [paragraphs 0057-0058 and 0071- 
0075]; 

selectively transmitting a security certificate over the network to the remote system, the 
certificate containing a public key [paragraphs 0056-0057]; 

receiving from the remote system a session ticket that has been encrypted with the 
public key [paragraph 0088]; 
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decrypting the session ticket with a corresponding private key [paragraph 0089-0091]; 
using the session ticket as an authenticator for subsequent communications with the 
remote system [paragraphs 0093-0096]. 

5. As per claim 12, Jancula teaches a computer-implemented method for enhancing the 
security of communication over a network, the method comprising: 

generating a public key and a corresponding private key [paragraph 0056]; 

storing the private key [paragraph 0056]; 

transmitting the public key over the network to a registration service [paragraphs 0056- 
0057]; ■ 

receiving from the registration service a security certificate that includes the public key 
[paragraphs 0056-0057]; 

transmitting the security certificate over the network to an entity with which a channel of 
communication is desired [paragraphs 0056-0057]; 

receiving from the entity a session ticket encrypted with the public key [paragraphs 0060 
and 0088]; 

decrypting the session ticket with the private key [paragraphs 0061 and 0089-0091]; 

and 

using the session ticket as an authenticator for subsequent communications with the 
entity [paragraphs 0062 and 0093-0096]. 



6. As per claim 18, Jancula teaches a communication security system for facilitating the 
enhancement of the security of communications over a network, the system comprising: 



Application/Control Number: 10/725,881 Page 4 

Art Unit: 2135 

a client application configured to respond to a user request for service by retrieving a 
security certificate that contains a public encryption key, and by obtaining a service identifier 
that corresponds to the user request [paragraphs 0056-0057 and figures 1-2]; 

an authorization service configured to receive the security certificate and the service 
identifier from the client application, and being further configured to selectively generate a 
corresponding session ticket that is encrypted with the public key, the client application being 
further configured to receive and decrypt the corresponding session ticket with a private key that 
corresponds to the public key [paragraphs 0085, 0088 and figures 1-2]; and 

a service provider configured to receive a service command with the corresponding 
session ticket after it has been decrypted, and being further configured to validate information 
contained in the corresponding session ticket and selectively execute the service command 
[paragraphs 0062, 0093-0096 and figures 1-2]. 

7. As per claim 21 , Jancula teaches a method for enabling secure communication between 
a service provider and a plurality of socket applications installed on multiple computing devices 
within a local access network, wherein the service provider is configured to extend the 
functionality of the socket applications by providing services, the method comprising: 

creating an account by registering with a centralized authentication service associated 
with the service provider, wherein registering includes indicating a desire to activate a service 
supported by the service provider [paragraphs 0056-0057 and 0070-0072]; and 

activating each of the plurality of socket applications, wherein activating comprises: 

generating a public key and a corresponding private key [paragraph 0056]; 

storing the private key [paragraph 0056]; 
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transmitting the public key over the network, along with an indication of the account, to 
the centralized authentication service [paragraphs 0056-0057]; and 

receiving from the authentication service a security certificate that includes the public 
key [paragraphs 0060 and 0088]. 

8. As per claim 26 Jancula teaches a computer-implemented method for enhancing the 
security of communication over a network between multiple peer application hosts, the method 
comprising: 

receiving a security certificate from a first application host [paragraphs 0056-0057]; 

generating a session ticket [paragraphs 0085 and 0088]; 

encrypting the session ticket with a public key contained in the security certificate 
[paragraphs 0060 and 0088]; 

transmitting the session ticket to the first application host [paragraph 0088]; and 

receiving a message from the first application host, the message being at least partially 
encrypted in accordance with the session key prior to its being encrypted with the public key 
[paragraphs 0091-0096]. 

9. As per claims 2-7, Jancula further teaches the method wherein: selectively transmitting a 
security certificate to the remote system comprises selectively transmitting a security certificate 
to a service provider configured to extend the functionality of a software application by remotely 
providing a service, and receiving from the user a request comprises receiving a request for a 
delivery of said service [paragraphs 0056-0057 and 0085]. 
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10. As per claim 8, Jancula further teaches the method wherein selectively transmitting a 
security certificate comprises selectively transmitting a security certificate that contains an 
embedded indication of the identity of an entity associated with which the user is associated 
[paragraphs 0056-0057]. 

11. As per claims 9-1 1 , Jancula further teaches the method wherein applying a collection of 
security privileges comprises applying a collection of security privileges wherein access rights 
are distributed among a plurality of user accounts each associated with a different set of 
authentication credentials [paragraphs 0057-0058 and 0071-0075]. 

12. As per claim 13, Jancula further teaches the method wherein using the session ticket 
comprises using the session ticket as a symmetric cryptography key for encrypting messages 
[paragraphs 0062 and 0093-0096]. 

13. As per claims 14-15, Jancula further teaches the method wherein transmitting the 
security certificate over the network comprises transmitting the security certificate to a service 
provider configured to extend the functionality of a software application by remotely providing a 
service [paragraphs 0056-0057]. 

14. As per claims 16-17, Jancula further teaches the method wherein transmitting the 
security certificate over the network comprises transmitting the certificate to a remote peer 
[paragraphs 0056-0057]. 
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1 5. As per claim 22, Jancula further teaches the method further comprising activating one or 
more services [paragraphs 0056-0067]. 

16. As per claim 23, Jancula further teaches the method further comprising interacting with 
at least one socket application to configure a set of user access privileges [paragraphs 0056- 
0057], 

17. As per claim 27, Jancula further teaches the method further comprising: generating a 
response message, encrypting the response message, and transmitting the message to the first 
application host [paragraphs 0056-0057 and 0088]. 

18. As per claims 19, 20, 24 and 25, Jancula further teaches the method wherein the 
authorization service is further configured to again encrypt the corresponding session ticket but 
this time with a first key portion of a service key pair [paragraph 0088]. 

1 9. As per claims 28 and 29, Jancula further teaches the method further comprising 
authenticating the certificate [paragraphs 0056-0057]. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the examiner 
should be directed to Beemnet W. Dada whose telephone number is (571) 272-3847. The 
examiner can normally be reached on Monday - Friday (9:00 am - 5:30 pm). 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Y. Vu can be reached op (571) 272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private 
PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you 
would like assistance from a USPTO Customer Service Representative or access to the 
automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



Beemnet W Dada 
September 25, 2007 



